Bluepurple Pulse: week ending March 20th
Do you think imprisoned Russian hackers are sent to Cyberia?
Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading).
Operationally this week we have once again been reminded how challenging Intrusion Notifications at scale are in some parts of the world. If you thought Vulnerability Notifications to vendors were a challenge, then Intrusion Notifications to victims are next level. All of these spun out of the Chinese intrusions we identified last week. We also had to inform one of the search engines that they were serving malicious paid search results for a backdoored version of a tool.
In the high-level this week:
Former Canadian Government Employee Extradited to the United States - so they could face charges for dozens of ransomware attacks resulting in the payment of tens of millions of dollars in ransoms
European Parliament established a Pegasus (NSO Group) and other Surveillance Software Inquiry Committee - will be interesting to see what shakes out
UKRAINE: Timeline of Cyberattacks - a high-level timeline of …